[PATCH] D70470: [analyzer] Add FuchsiaHandleCheck to catch handle leaks, use after frees and double frees
Gábor Horváth via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Nov 26 11:54:26 PST 2019
xazax.hun added a comment.
Ok, now I have some real world experience with the results of the check.
The false positive ratio for double free and use after free seems to be quite good but the handle leak part is almost unusable at this point. The main problem is somewhat anticipated, we are not doing a great job notifying the checkers about escaped non-pointer symbols. The question is, what should we do about this? Should the `PointerEscape` callback be renamed? Currently, the list of symbols will also contain non-pointer symbols, so in some cases that callback does solve the escaping issue for integers. But it is not consistent.
So I see two ways forward:
1. Have a separate SymbolEscape callback.
2. Rename PointerEscape, and fix it to be triggered for all kinds of pointers.
I feel like the 2. is a better solution. Of course, that change might have a performance impact as well.
Any thoughts?
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D70470/new/
https://reviews.llvm.org/D70470
More information about the cfe-commits
mailing list